Hello,
I’m planning to set up a VPN on my router with iked(8).
The first goal is to have my Macbook and iPhone connected, both to route the
traffic thrugh my router at home, and to get access to the services running on
a machine behind the router.
I’ve read the VPN section in the FAQ, and I und
Hello,
Are there any plans for providing pre-built images to be used on embeded
machines, like FreeBSD and NetBSD do?
It would be nice to run OpenBSD directly from a SD card on the Raspberry Pi e.g.
Regards, Martin
Hello Luis,
Do you have pf enabled on the router, and block all incomming traffic by
default?
If so, you need to permit the dhcp server to give response to your client, with
a rule like this:
pass in quick on ure0 inet proto udp from port 67 to port 68
Regards, Martin
Hello Jan,
Thanks for the tip.
The upgrade went smoothly.
I ran “sysupgrade -n”, deleted the game set and the X sets and rebooted.
Perhaps sysupgrade should be enhanced, so one could either choose which sets
should be upgraded, or even beter, the tool could figure out which sets are
installed,
Hello,
I’m planning to upgrade my router from 7.3 to 7.4 using sysupgrade, but I’ve
one concern.
Some time ago, I upgraded a RPi4 from 7.2 to 7.3, and X got installed, even
though it wasn’t before the upgrade.
I thaught sysupgrade only upgraded the installed sets.
How does it work on 7.3?
On my
Hello Andre,
Thanks for all the good input and links.
I should be able to get a working setup now.
As far as I understand, I can use the keys generated with the wg tools, instead
of those generated by openssl.
They look very simular to me.
Am I right?
Regarding pf, should the udp port I choose
Hello,
I’m blind, and therefor I’m using a refreshable braille display.
In Linux, support is provided by the BRLTTY daemon.
It doesn’t work under *BSD, and as far as I understand, it has to do with the
way the console driver is providing data.
However, it could run within a screen session.
In fac
Hello Stuart,
Thanks for a detailed and good explenation!
I choosed the WireGuard-tools solution, because I understood how it works, and
it is easy to configure.
I’ve read a bit in the wg(4) manual, and I get confused of how things actually
works.
Is it possible to use wireguard-tools’s private
Hello,
Ok, now I finally got it running.
I decided to bring up the wg interface using hostname.wg0, and start WireGuard
from /etc/rc.local.
This machine also acts as the router for my lan/wlan, so I already have a
“match out” rule to enable NAT for those interfaces in pf.
Will this rule also do
Hello,
I’m configuring a WireGuard server on an OpenBSD 7.3 machine, using this howto:
https://ianix.com/wireguard/openbsd-howto.html
I don’t get the wg0 interface up.
The hostname.wg0 contains:
inet 10.0.6.1 0xfgffgf00 NONE up !/usrlocal/bin/wg setconf wg0
/etc/wireguard/wg0.conf
And w
Hello Brian,
I forgot to say that my site set did include the already prepared pf.conf, but
not rc.conf.local, where pf was set to be disabled.
As the result, pf started with rules for nat/firewall, not the default ones.
And that created the “problem”.
Martin
Hello Steve,
Yes, off course one should have a firewall.
That was why I installed OpenBSD on the actual machine in the first place.
I prepared it when it was on the LAN only, and then moved it into production.
And now it works perfectely.
But the firewall needed to be disabled while the machine wa
Hello,
I’ve installed OpenBSD/i386 7.3 on a Macbook 2006.
It works, but the fan is running at maximum all the time.
Is there anything I can do to optimize the system for such machines?
Here’s the output from dmesg and “sysctl hw.sensors”:
http://paste.debian.net/1278825/
Regards, Martin
Hello Stefan,
Thanks for the clear-up.
And now, it works!
When I created the site set, I forgot to add /etc/rc.conf.local, where pf was
set to be disabled.
The reason was, as you see, pf. :-)
So a simple “pfctl -d” solved the “problem”.
Good to know that the fault actually wasn’t a careless user
Hello Daniel,
The problem is, as I told, that I’m blind.
I don’t have a screen at home, and it’s not easy to bring it to someone who has.
All went just fine until it was time to reboot.
So if someone could tell me what is missing, I guess it should work to get in
the missing files from another i
Hello,
I’m blind, and got sighted help to install OpenBSD on the machine which should
become a new router.
Unfortunately, I was stupid enough to detach the USB stick I booted from,
before I was to hit R for the reboot.
The result was that the last selection disappeared due to the detach message
Hello Stuart,
Can you recommend a USB 2 or 3 NIC which uses a different driver then ure,,
with good performance?
Does any of the known manufactures, Asus e.i, use a different chipset?
Martin
Hello,
I have a Raspberry Pi 4 with 2 USB NIC’s attached.
One via USB3 (ure0), and the other via USB2 (ure1).
Since they are connected to different USB interfaces, I thaught they would get
configured the same way on reboot.
But that’s not the case.
They became swapped on reboot.
Is there a way to
Hello,
Back in the days, 10 years or so, there was a rc.conf directive called
“pf_rules”, which one could use to override the location of the config file for
PF.
I don’t see this option in the default rc.conf now.
Is it still valid?
If so, how could one set it in rc.conf.local with rcctl?
Regar
Hello,
I’m planning to set up a VPN.
The problem is, I get confused about all the features and possibilities, so I
really don’t know where to start.
I’m running OpenBSD on my router, and a Debian-server behind it, providing
several public services, off course using nat/rdr with PF.
My first g
Hello,
I’ve configured a Raspberry Pi 4 as a router with OpenBSD 7.2, with great
performance.
The driver for the internal wireless NIC (bwfm) states that it can operate in
AP mode.
I got the card configured correctly, but it doesn’t broadcast the SSID.
I can’t connect manually either.
Here's /e
21 matches
Mail list logo
